CN114374669B - VPN client proxy DNS analysis method and system - Google Patents
VPN client proxy DNS analysis method and system Download PDFInfo
- Publication number
- CN114374669B CN114374669B CN202210026279.5A CN202210026279A CN114374669B CN 114374669 B CN114374669 B CN 114374669B CN 202210026279 A CN202210026279 A CN 202210026279A CN 114374669 B CN114374669 B CN 114374669B
- Authority
- CN
- China
- Prior art keywords
- dns
- response message
- vpn
- received
- response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 14
- 230000004044 response Effects 0.000 claims abstract description 179
- 238000000034 method Methods 0.000 claims abstract description 35
- 238000001514 detection method Methods 0.000 claims description 4
- 230000003139 buffering effect Effects 0.000 claims description 3
- 238000004064 recycling Methods 0.000 claims description 2
- 230000000977 initiatory effect Effects 0.000 abstract description 3
- 230000007246 mechanism Effects 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 6
- 238000007796 conventional method Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 235000008694 Humulus lupulus Nutrition 0.000 description 2
- 238000000354 decomposition reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005215 recombination Methods 0.000 description 1
- 230000006798 recombination Effects 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present disclosure relates to a VPN client proxy DNS resolution method and system. The method comprises the following steps: receiving a DNS query request; forwarding the DNS query request to a user side DNS server and a VPN side DNS server; analyzing DNS inquiry response messages from the user side DNS server and the VPN side DNS server; and replying with the first received and error-free query response message. The problem of VPN intranet resource access error caused by a DNS server preferential mechanism of an operating system can be avoided, and access to a public network domain name is not affected. In addition, under the condition of simultaneously initiating the DNS request, generally for the public network domain name and the private domain name of the user side network, the DNS server at the user side is fast in analysis, the problem of the nearby cross-operator and CDN is solved, the VPN proxy can preferentially return the DNS analysis result to the application program, the user can quickly access the network, and the user surfing experience is improved.
Description
Technical Field
The disclosure relates to the technical field of VPN, and in particular relates to a VPN client proxy DNS resolution method and system.
Background
A DNS server is built in a general user office network, a host computer carries out DNS domain name resolution by configuring an intranet DNS address and a public network DNS, so that when the intranet DNS server has a problem, the public network DNS server is adopted for resolving, and the intranet DNS server can resolve a private domain name and a public network domain name of a client network.
When a user uses VPN, because part of VPN resources are released in the form of domain names, the DNS server at the original network user side of the user cannot analyze the VPN domain name resources, and the VPN resource domain name requires to be analyzed by the DNS server at the VPN server side. The public domain name can be resolved by a VPN server side DNS server or by an original network user side DNS server of the client, but the private domain name in the client needs to be resolved by the original network user side DNS server.
When using VPN, the intranet domain name requires to use VPN DNS resolution, and the public domain name requires to use public DNS resolution. In part of the operation system, the priority of the network card can be modified by modifying the registry, the number of network card hops and other conventional methods, so that the DNS request is resolved by preferentially using the intranet DNS server. However, a part of operating systems cannot modify the priority of the network card by using a conventional method, and after the normal connection, the public network DNS priority is higher than the VPN DNS priority, so that the intranet domain name is resolved into a public network address or cannot be resolved, and a user cannot access the intranet domain name correctly.
The prior VPN cannot modify the priority of the network card by using a conventional method, and the priority of the original network DNS server is higher than that of the DNS server side of the VPN after normal connection, so that the domain name of the VPN resource is resolved into a public network address or cannot be resolved, and a user cannot access the VPN resource correctly. If the VPN side DNS server does not support resolution of the public network domain name, after the VPN side DNS server fails to resolve, the original network DNS server is used for resolving, and the domain name is resolved twice, so that the resolving speed is low, and the user experience is seriously affected. If the VPN side DNS server supports to analyze the public network domain name, the analyzed IP has the problems of crossing operators, CDN nearby and the like due to different geographic positions of the user and the VPN side DNS server, operators and the like.
Therefore, there is a need for a VPN client proxy DNS resolution method and system that does not require modification of network card priority.
Disclosure of Invention
In view of this, the present disclosure provides a VPN client proxy DNS resolution method and system. According to an aspect of the present disclosure, a VPN client proxy DNS resolution method is provided, the method comprising: receiving a DNS query request; forwarding the DNS query request to a user side DNS server and a VPN side DNS server; analyzing DNS inquiry response messages from the user side DNS server and the VPN side DNS server; and replying with the first received and error-free query response message.
According to the VPN client proxy DNS analysis method disclosed by the disclosure, if the first received inquiry response message is not error-free, caching the inquiry response message; after a preset time is elapsed after the first time of receiving the non-error-free inquiry response message and caching the inquiry response message, determining response timeout when other inquiry response messages are not received; and adopting the cached inquiry response message to answer.
According to the VPN client proxy DNS analysis method disclosed by the disclosure, if the received response message is not error-free, the last received inquiry response message is adopted for answering.
According to the VPN client proxy DNS analysis method disclosed by the disclosure, if no inquiry response message is received within a preset time period, no response is carried out.
According to the VPN client proxy DNS resolution method disclosed by the disclosure, the buffer space is released after the buffered inquiry response message is adopted for response.
According to another aspect of the present disclosure, there is also provided a VPN client system, the system comprising: a receiving request component for receiving a DNS query request; a forwarding component, configured to forward the DNS query request to a user-side DNS server and a VPN-side DNS server; the analysis component is used for analyzing the query response messages from the user side DNS server and the VPN side DNS server; and the response component is used for responding by adopting the first received and error-free query response message.
A VPN client proxy DNS resolution system according to the present disclosure, further comprising: the buffer component is used for buffering the query response message if the response message received for the first time is not error-free; the timeout detection component is used for determining response timeout when other inquiry response messages are not received after the inquiry response messages which are not error-free are received for the first time and the inquiry response messages are cached for a preset time; and the response component is further used for responding by adopting the cached inquiry response message.
The VPN client proxy DNS analysis system according to the present disclosure, wherein the response component responds with a last received query response message when none of the received response messages is error-free.
The VPN client proxy DNS resolution system according to the present disclosure, wherein the reply component does not reply at all when no query response message is received within a preset time period.
A VPN client proxy DNS resolution system according to the present disclosure, further comprising: and the resource recycling component is used for releasing the cache space after responding by adopting the cached query response message.
In summary, by adopting the method and the system for proxy DNS resolution of the VPN client disclosed by the present disclosure, no network card priority needs to be set, and the local port is monitored through the VPN client, so that all DNS query requests of the local are proxy, and DNS request resolution is completed. Specifically, when the user side initiates a DNS query request, the VPN client receives the DNS request message, parses the request message, and proxy the DNS client to forward the DNS query request to the VPN server side DNS server and the user side DNS server at the same time, and feeds back the correct response message that arrives first to the DNS client through parsing the response message, so that errors in accessing VPN intranet resources caused by a preferential mechanism of the DNS server of part of the operating system are avoided, and access to public network domain names is not affected. In addition, under the condition of simultaneously initiating the DNS request, generally for the public network domain name and the private domain name of the user side network, the DNS server at the user side is fast in analysis, the problem of the nearby cross-operator and CDN is solved, the VPN proxy can preferentially return the DNS analysis result to the application program, the user can quickly access the network, and the user surfing experience is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings. The drawings described below are merely examples of the present disclosure and other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art.
Fig. 1 is a schematic diagram illustrating an application example of a VPN client proxy DNS resolution method and system according to an embodiment of the present disclosure.
Fig. 2 is a flow chart illustrating a VPN client proxy DNS resolution method according to an embodiment of the present disclosure.
Fig. 3 is a schematic structural diagram of a DNS packet used in an embodiment of the present disclosure.
Fig. 4 is a schematic diagram of a flag field in a DNS packet used in an embodiment of the present disclosure.
Fig. 5 is a schematic diagram illustrating a response procedure of a VPN client proxy DNS resolution method according to an embodiment of the present disclosure.
Fig. 6 is a schematic diagram of a VPN client according to an embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments can be embodied in many forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the disclosed aspects may be practiced without one or more of the specific details, or with other methods, components, devices, steps, etc. In other instances, well-known methods, systems, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams depicted in the figures are merely functional entities and do not necessarily correspond to physically separate entities. That is, the functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The flow diagrams depicted in the figures are exemplary only, and do not necessarily include all of the elements and operations/steps, nor must they be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the order of actual execution may be changed according to actual situations.
Those skilled in the art will appreciate that the drawings are schematic representations of example embodiments and that the modules or flows in the drawings are not necessarily required to practice the present disclosure, and therefore, should not be taken to limit the scope of the present disclosure.
Fig. 1 is a schematic diagram illustrating an application example of a VPN client proxy DNS resolution method and system according to an embodiment of the present disclosure. As shown in fig. 1, in the application environment of VPN (virtual private network), since some VPN resources are published in the form of domain names, users access these resources need to access DNS (domain name system) servers on the VPN side to resolve the domain names of VPN resources. Accessing resources on public and private networks inside the user requires accessing DNS servers on the user side of the original network to resolve the public and private network domain names.
The VPN resource domain name requires resolution using a VPN side DNS server, which cannot resolve. The public network domain name may be resolved by a VPN side DNS server or by a user side DNS server, but the private network domain name of the user needs to be resolved by the user side DNS server. When configuring the DNS server, the host configures an address of a VPN side DNS server and an address of a public network DNS server so as to analyze by adopting the public network DNS server when the VPN side DNS server has a problem.
When using VPN, the intranet domain name requires to use VPN DNS resolution, and the public domain name requires to use public DNS resolution. Therefore, in some VPN environments, people modify the priority of the network card by modifying the registry, the number of network card hops, and other conventional methods, so as to implement that the DNS request is resolved by preferentially using the intranet DNS server. The conventional method is difficult to modify the priority of the network card, and the public network DNS priority is higher than the VPN DNS priority after the VPN is normally connected, so that the intranet domain name is resolved into a public network address or can not be resolved, and a user can not access the intranet domain name correctly. This brings a bad experience for people, and modifying the priority of the network card is a technical obstacle which is difficult for the ordinary users to overcome. Accordingly, the present disclosure proposes a VPN client proxy DNS resolution method.
Fig. 2 is a flow chart illustrating a VPN client proxy DNS resolution method according to an embodiment of the present disclosure. Domain name resolution can be generally divided into two steps: firstly, a local machine sends a DNS request message to a domain name server, wherein the message carries a domain name to be queried; and then, the domain name server responds a DNS response message to the local machine, wherein the DNS response message contains the IP address corresponding to the domain name. In VPN environment, VPN client will proxy itself to forward DNS query request message to domain name server and accept DNS response message from domain name server.
In VPN environment, after VPN client starts, VPN client starts to monitor local 53 port to proxy all DNS resolutions of the local because default port number of DNS protocol is 53. And then the DNS server addresses of the user side are saved, and the DNS server addresses of the physical network card and the virtual network card are set to 127.0.0.1.
As shown in fig. 2, in S202, a DNS query request is received. The DNS query request may be a request to resolve a VPN resource domain name or a public network domain name, and may be from the VPN client itself or various applications that the user needs to perform network communications, for example, a web browsing application, a search class application, an instant messaging tool, a mailbox client, social platform software, a shopping class application, and so on. The DNS messages are divided into request messages and response messages. The formats of the DNS request message and the DNS response message are basically the same. Fig. 3 is a schematic structural diagram of a DNS packet.
More specifically, when the application program at the user end initiates a DNS request, a DNS query request packet is sent to the local 53 port, and at this time, the VPN client may newly create a process UDP Socket1, receive the DNS query request at the local 53 port through the UDP Socket1, and parse the DNS query request, including extracting domain name information of the request resolution.
In S204, the DNS query request is forwarded to the user side DNS server and the VPN side DNS server. More specifically, the VPN client process may create two UDP sockets: UDP Socket2 and UDP Socket3. The DNS query request can be forwarded to the DNS server at the user side by using UDP Socket2, and the DNS query request can be forwarded to the DNS server at the VPN side by using UDP Socket3.
In S206, DNS query response messages from the user side DNS server and the VPN side DNS server are resolved. Fig. 4 is a schematic structural diagram of a flag field of a DNS packet. rcode (Reply code) is a reply code field that indicates the error status of the response. When the value is 0, it indicates that there is no error; when the value is 1, a message Format error (Format error) is indicated, and the server cannot understand the requested message; when the value is 2, the domain name Server fails (Server failure) because of Server reasons there is no way to handle the request; when the value is 3, a Name Error (Name Error) is indicated, only the authority domain Name resolution server is meaningful, and the resolved domain Name is indicated to be absent; when the value is 4, the query type is not supported (Not Implemented), namely the domain name server does not support the query type; when the value is 5, a rejection (Refused) is indicated, typically the server refuses to give a response due to the set policy, e.g., the server does not want to give a response to some requesters.
In S208, the first received and error-free query response message is used for replying. More specifically, whether the response message has an error can be determined according to whether the response code of the query response message is 0. If the response code is 0, the response message is represented as error-free; if the response code is not 0, it represents that the response message has errors. And forwarding the query response message which is received first and has the response code of 0 to the application program through the UDP Socket 1.
Fig. 5 is a schematic diagram illustrating a response procedure of a VPN client proxy DNS resolution method according to an embodiment of the present disclosure.
As shown in fig. 5, in one embodiment, the VPN client proxy DNS resolution method determines in step S504 whether the first response message is received. The first response message may come from the user side DNS server or from the VPN side DNS server. More specifically, the judgment can be made by detecting the setting condition of the answer flag bit and the cache flag bit corresponding to the DNS query request. The initial states of the response flag bit and the cache flag bit are all unset states. After receiving the response message, the VPN client detects the states of the response flag bit and the cache flag bit, and if the response flag bit and the cache flag bit are not set, the message is the first received response message.
In S506, it is determined whether the first response packet is error-free. More specifically, the reply code of the first response message is detected. If the response code is 0, the response message is error-free; if the response code is not 0, the response message is not error-free.
In S508, if the first response message is error-free, the first response message is used for responding. More specifically, if the response code of the first response message is detected to be 0, which indicates that the first response message has no error, the first response message is adopted to answer, and the answer process is ended. And setting a response flag bit so as to directly discard the received response message when the response message is received subsequently. More specifically, the first response message may be forwarded to the application program through UDP Socket 1.
In S510, if the first response message has an error, the first received response message is buffered. More specifically, if the response code of the first response message is detected to be not 0, which indicates that the first response message has an error, the first received response message is cached. And setting a cache flag bit.
In S512, it is determined whether a second response message is received. More specifically, after receiving the response message, the VPN client detects the states of the response flag bit and the cache flag bit. At this time, the buffer flag bit is set, which indicates that the first response message is received and the first response message is not error-free, and the received response message is the second received response message.
If a second response message is received, then the second response message is used to answer at S514. More specifically, at this time, the buffer flag bit is set, which indicates that the first response message has an error, that is: the DNS server on the side returning the first response message fails to successfully resolve the domain name in the DNS request message. At this time, the response code of the second response message is 0, which indicates that the second response message has no error, and the second response message is adopted to answer, so as to ensure that the response is performed by adopting the response message which is received first and has no error, and the answer process is ended. More specifically, the second response message may be forwarded to the application program through UDP Socket 1.
Optionally, in one embodiment, the VPN client proxy DNS resolution method also times the response time of the response message. Starting with the forwarding of the DNS query request at the VPN client, the response time for the DNS query request is timed.
As shown in fig. 5, at step S502, let t=0, and the timer starts counting. When it is determined at step S504 whether the first response message is received as no, the process proceeds to step S520. When it is determined in step S520 that T > T, it means that the user side DNS server and VPN side DNS server response messages are not received within a preset time, and thus, a response timeout is determined. Thus, in step S522, the VPN client does not make any reply. I.e. when no response message of the DNS server on any side is received within a preset time, no response is made. Further, when it is determined at step S520 that T is less than the given timeout threshold T, the VPN client feeds back to step S504 to further determine whether to receive the first response message, and waits for the first response message.
Optionally, when the result of determining whether the first response message is received is yes in step S504 and the result of determining whether the first response message is error-free in step S506 is no, it is determined whether the waiting response is time-out in step S512 when the result of determining whether the second response message is received is no. Specifically, when it is determined at step S516 that T > T, it means that the second response message is still not received after exceeding the predetermined time T, and the response timeout is determined. Similarly, when it is determined at step S516 that T is less than the given timeout threshold T, the VPN client returns to step S512 to further determine whether to receive the second response message and wait for the second response message.
If it is determined at step S516 that T > T, i.e. if the time waiting for the second response message has timed out, then the buffered first response message is used for replying at step S518. More specifically, the buffer flag bit is set at this time, which indicates that the first received response message has an error, that is: and the DNS server returning to the side of the first response message fails to successfully analyze the domain name in the DNS request message, and does not receive the second response message within preset time, and the cached first response message is adopted for responding. More specifically, the first buffered response message may be forwarded to the application program through UDP Socket 1.
Optionally, after replying with the buffered first response message at step S518, the buffer space is released at step S524. More specifically, after a timeout is determined, the status of the reply flag bit and the cache flag bit is detected. At this time, the response flag bit is not set and the buffer flag bit is set, which means that the first response message is received and the second response message is not received within a predetermined time, and the buffer space is released after the buffered first response message is forwarded to the application program through the UDP Socket 1.
Fig. 6 is a schematic diagram of a VPN client according to an embodiment of the present disclosure.
As shown in fig. 6, VPN client system 60 includes a receive request component 602, a forwarding component 604, a parsing component 608, and a response component 610. A receive request component 602 for receiving a DNS query request. And a forwarding component 604, configured to forward the DNS query request to a user-side DNS server and a VPN-side DNS server. The parsing component 606 is configured to parse the query response message from the user side DNS server and the VPN side DNS server. The reply component 608 is configured to reply with a first received and error-free query response message.
As shown in fig. 6, in one embodiment, the VPN client system may further include a caching component 610 and a timeout detection component 612. A caching component 610, configured to cache the query response message if the response message received for the first time is not error-free; a timeout detection component 612, configured to determine a response timeout when no other query response message is received after a predetermined time after receiving a non-error-free query response message for the first time and buffering the query response message; and a reply component 608 further configured to reply with the cached query response message.
In one embodiment, as shown in fig. 6, the reply component 608 of the VPN client system is further configured to reply with the last received query response message if none of the received response messages is error-free. The reply component 608 does not reply by receiving no query response message within the preset time period T.
In one embodiment, as shown in fig. 6, the VPN client system further comprises a reclaimed resource component 612 for freeing up cache space after replying with a cached query response message.
In summary, by adopting the method and the system for proxy DNS resolution of the VPN client disclosed by the present disclosure, no network card priority needs to be set, and the local port is monitored through the VPN client, so that all DNS query requests of the local are proxy, and DNS request resolution is completed. Specifically, when the user side initiates a DNS query request, the VPN client receives the DNS request message, parses the request message, and proxy the DNS client to forward the DNS query request to the VPN server side DNS server and the user side DNS server at the same time, and feeds back the correct response message that arrives first to the DNS client through parsing the response message, so that errors in accessing VPN intranet resources caused by a preferential mechanism of the DNS server of part of the operating system are avoided, and access to public network domain names is not affected. In addition, under the condition of simultaneously initiating the DNS request, generally for the public network domain name and the private domain name of the user side network, the DNS server at the user side is fast in analysis, the problem of the nearby cross-operator and CDN is solved, the VPN proxy can preferentially return the DNS analysis result to the application program, the user can quickly access the network, and the user surfing experience is improved.
While the basic principles of the present disclosure have been described above in connection with specific embodiments, it should be noted that all or any steps or components of the methods and apparatus of the present disclosure can be implemented in hardware, firmware, software, or combinations thereof in any computing device (including processors, storage media, etc.) or network of computing devices, as would be apparent to one of ordinary skill in the art upon reading the present disclosure.
Thus, the objects of the present disclosure may also be achieved by running a program or set of programs on any computing device. The computing device may be a well-known general purpose device. Thus, the objects of the present disclosure may also be achieved by simply providing a program product containing program code for implementing the method or apparatus. That is, such a program product also constitutes the present disclosure, and a storage medium storing such a program product also constitutes the present disclosure. It is apparent that the storage medium may be any known storage medium or any storage medium developed in the future.
It should also be noted that in the apparatus and methods of the present disclosure, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered equivalent to the present disclosure. The steps of executing the series of processes may naturally be executed in chronological order in the order described, but are not necessarily executed in chronological order. Some steps may be performed in parallel or independently of each other.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives can occur depending upon design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.
Claims (6)
1. A VPN client proxy DNS resolution method, comprising:
Receiving a DNS query request;
forwarding the DNS query request to a user side DNS server and a VPN side DNS server;
analyzing DNS inquiry response messages from the user side DNS server and the VPN side DNS server; and
Responding by adopting a query response message which is received first and has no error;
if the first received query response message is not error-free, caching the query response message, determining response timeout when other query response messages are not received after the first received non error-free query response message is cached for a preset time, and adopting the cached query response message to answer; and
If the received response message is not error-free, adopting the last received inquiry response message to answer.
2. The method of claim 1, further comprising:
If no inquiry response message is received within the preset time period, no response is carried out.
3. The method of claim 1, further comprising:
And releasing the buffer space after responding by adopting the buffered inquiry response message.
4. A VPN client system comprising:
A receiving request component for receiving a DNS query request;
a forwarding component, configured to forward the DNS query request to a user-side DNS server and a VPN-side DNS server;
The analysis component is used for analyzing the query response messages from the user side DNS server and the VPN side DNS server;
the response component is used for responding by adopting the first received and error-free query response message;
The buffer component is used for buffering the query response message if the response message received for the first time is not error-free;
And the timeout detection component is used for determining response timeout when other inquiry response messages are not received after the inquiry response messages which are not free of errors are received for the first time and are cached, wherein the response component adopts the cached inquiry response messages to answer, and the response component adopts the last received inquiry response message to answer when the received response messages are not free of errors.
5. The system of claim 4, wherein,
And the response component is further used for not carrying out any response if the query response message is not received within the preset time period.
6. The system of claim 4, further comprising:
And the resource recycling component is used for releasing the cache space after responding by adopting the cached query response message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210026279.5A CN114374669B (en) | 2022-01-11 | 2022-01-11 | VPN client proxy DNS analysis method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210026279.5A CN114374669B (en) | 2022-01-11 | 2022-01-11 | VPN client proxy DNS analysis method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114374669A CN114374669A (en) | 2022-04-19 |
| CN114374669B true CN114374669B (en) | 2024-04-26 |
Family
ID=81144558
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210026279.5A Active CN114374669B (en) | 2022-01-11 | 2022-01-11 | VPN client proxy DNS analysis method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114374669B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115297088A (en) * | 2022-08-03 | 2022-11-04 | 中电云数智科技有限公司 | Domain name resolution system and method in cloud computing environment |
| CN115378906B (en) * | 2022-08-16 | 2024-02-13 | 北京轻网科技股份有限公司 | Local DNS proxy method, device, equipment and medium based on VPN framework |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1791053A (en) * | 2004-12-13 | 2006-06-21 | 杭州华为三康技术有限公司 | Method for implementing optimization selection for multi server |
| CN1976307A (en) * | 2005-11-28 | 2007-06-06 | 日立通讯技术株式会社 | DNS server |
| EP2347561A1 (en) * | 2008-10-15 | 2011-07-27 | Nokia Corporation | Methods, apparatuses, and computer program products for determining a network interface to access a network resource |
| CN103581258A (en) * | 2012-08-03 | 2014-02-12 | 中国移动通信集团公司 | Network data caching method and system |
| CN106453685A (en) * | 2016-11-15 | 2017-02-22 | 中国移动通信集团江苏有限公司 | Method for resolving with public DNS (Domain Name System) server, system and server |
| CN107592374A (en) * | 2017-09-04 | 2018-01-16 | 北京新流万联网络技术有限公司 | The DNS correcting methods and system of DNS domain name error resolution |
| CN107911496A (en) * | 2017-11-17 | 2018-04-13 | 杭州迪普科技股份有限公司 | A kind of VPN service terminal acts on behalf of the method and device of DNS |
| CN107995321A (en) * | 2017-11-17 | 2018-05-04 | 杭州迪普科技股份有限公司 | A kind of VPN client acts on behalf of the method and device of DNS |
| CN108093098A (en) * | 2018-01-31 | 2018-05-29 | 杭州迪普科技股份有限公司 | A kind of domain name mapping request sending method and device |
| CN108156274A (en) * | 2017-12-18 | 2018-06-12 | 杭州迪普科技股份有限公司 | Equipment is made to obtain the method and device of domain name mapping result in a kind of VPN network |
| CN112272158A (en) * | 2020-09-16 | 2021-01-26 | 厦门网宿有限公司 | Data proxy method, system and proxy server |
| CN112887444A (en) * | 2021-01-19 | 2021-06-01 | 网宿科技股份有限公司 | VPN (virtual private network) request processing method, client device and system |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7418597B2 (en) * | 2003-08-15 | 2008-08-26 | Venati, Inc. | Apparatus for accepting certificate requests and submission to multiple certificate authorities |
| WO2005103958A1 (en) * | 2004-04-20 | 2005-11-03 | The Boeing Company | Apparatus and method for automatic web proxy discovery and configuration |
| US8103795B2 (en) * | 2009-07-09 | 2012-01-24 | International Business Machines Corporation | TCP/IP host name resolution on a private network |
| US8910280B2 (en) * | 2012-04-30 | 2014-12-09 | At&T Intellectual Property I, L.P. | Detecting and blocking domain name system cache poisoning attacks |
| US20140173134A1 (en) * | 2012-12-18 | 2014-06-19 | Hughes Network Systems, Llc | Method and system for optimized opportunistic transmission of domain name reference information |
| US9762625B2 (en) * | 2014-05-28 | 2017-09-12 | Apple Inc. | Device and method for virtual private network connection establishment |
| US10230691B2 (en) * | 2016-02-03 | 2019-03-12 | Verisign, Inc. | Systems, devices, and methods for improved domain name system firewall protection |
-
2022
- 2022-01-11 CN CN202210026279.5A patent/CN114374669B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1791053A (en) * | 2004-12-13 | 2006-06-21 | 杭州华为三康技术有限公司 | Method for implementing optimization selection for multi server |
| CN1976307A (en) * | 2005-11-28 | 2007-06-06 | 日立通讯技术株式会社 | DNS server |
| EP2347561A1 (en) * | 2008-10-15 | 2011-07-27 | Nokia Corporation | Methods, apparatuses, and computer program products for determining a network interface to access a network resource |
| CN103581258A (en) * | 2012-08-03 | 2014-02-12 | 中国移动通信集团公司 | Network data caching method and system |
| CN106453685A (en) * | 2016-11-15 | 2017-02-22 | 中国移动通信集团江苏有限公司 | Method for resolving with public DNS (Domain Name System) server, system and server |
| CN107592374A (en) * | 2017-09-04 | 2018-01-16 | 北京新流万联网络技术有限公司 | The DNS correcting methods and system of DNS domain name error resolution |
| CN107911496A (en) * | 2017-11-17 | 2018-04-13 | 杭州迪普科技股份有限公司 | A kind of VPN service terminal acts on behalf of the method and device of DNS |
| CN107995321A (en) * | 2017-11-17 | 2018-05-04 | 杭州迪普科技股份有限公司 | A kind of VPN client acts on behalf of the method and device of DNS |
| CN108156274A (en) * | 2017-12-18 | 2018-06-12 | 杭州迪普科技股份有限公司 | Equipment is made to obtain the method and device of domain name mapping result in a kind of VPN network |
| CN108093098A (en) * | 2018-01-31 | 2018-05-29 | 杭州迪普科技股份有限公司 | A kind of domain name mapping request sending method and device |
| CN112272158A (en) * | 2020-09-16 | 2021-01-26 | 厦门网宿有限公司 | Data proxy method, system and proxy server |
| CN112887444A (en) * | 2021-01-19 | 2021-06-01 | 网宿科技股份有限公司 | VPN (virtual private network) request processing method, client device and system |
Non-Patent Citations (2)
| Title |
|---|
| "一种DNS数据源的获取与分析方法";高斐,高永仁;《莆田学院学报》;20121025;全文 * |
| Futurewei, ITRI.S2-2003643 "KI#1, Solution Update - Connectivity Models, Private Access and Architecture Assumptions".3GPP tsg_sa\wg2_arch.2020,(第tsgs2_139e_electronic期),全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114374669A (en) | 2022-04-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114374669B (en) | VPN client proxy DNS analysis method and system | |
| Zheng et al. | Distributed QoS evaluation for real-world web services | |
| US8972580B2 (en) | DNS outage avoidance method for recursive DNS servers | |
| EP2769307B1 (en) | Answer augmentation system for authoritative dns servers | |
| CN106533944B (en) | Distributed API gateway, management method and management system | |
| CN113366815B (en) | Network resource request method, device, electronic equipment and storage medium | |
| CN105144652A (en) | Address resolution in software-defined networks | |
| CN107613037B (en) | Domain name redirection method and system | |
| EP2633667A2 (en) | System and method for on the fly protocol conversion in obtaining policy enforcement information | |
| US20160323138A1 (en) | Scalable Event-Based Notifications | |
| US20190081924A1 (en) | Discovering address mobility events using dynamic domain name services | |
| US9032098B2 (en) | Device and method for retrieving information from a device | |
| WO2020088170A1 (en) | Domain name system configuration method and related apparatus | |
| CN112583952B (en) | Redirection scheduling processing method, device and system, related equipment and storage medium | |
| WO2017166524A1 (en) | Domain name parsing method and apparatus | |
| CN114553821B (en) | VPN client proxy DNS analysis method and device | |
| CN114553827B (en) | VPN client proxy DNS analysis method and device | |
| CN113315852B (en) | Domain name resolution method, device and system | |
| CN111031148A (en) | Address resolution method and device, electronic equipment and storage medium | |
| CN115118700B (en) | Communication method and communication system | |
| CN114301872B (en) | Domain name based access method and device, electronic equipment and storage medium | |
| CN113285920B (en) | Service access method, device, equipment and storage medium | |
| US11546405B2 (en) | Methods for exposing mainframe data as a web service and devices thereof | |
| CN113301556B (en) | User internet access record storage method, system and server | |
| CN112688959B (en) | Address protection method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |